From nobody Sun May  5 19:36:30 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+92286+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+92286+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=intel.com
ARC-Seal: i=1; a=rsa-sha256; t=1660109676; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Cp4oOtqhg8pFGyHG4GhqKhT/fvTCczvaNttEwl5JVVseovEnbGb2yNdRfgxggkbFG1UqzlYgnQhA8SsJO0cwlwRQbd28tbG8d4qcH5CuC+8JrLq5Nb0HvjVcwRr9D/CjxfKNZs4HGdKIwd1MwFkmqQnvxQ4gpf3VBq2YuymKw3A=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1660109676;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=n8gQZLEzOq18ZXB7MgZGtJ81zXJjtHo4gq2E4YFwJrY=;
	b=VWYQP+Ltp8w6//Vx9Fd8LICbxgw5XgxBfTIsY6e302DQgzuDyeZknF1ss0yD3mqjyON8zTdo/bZan/9loPvETzt0Y4h7kaDvNgPdot2C9BJjt3omsaqhq54zxi+jATbQ/Ne8vFMzYsVOB7ue97wBvVxKJJltAl1HiS75wAIUjFQ=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+92286+1787277+3901457@groups.io;
	dmarc=fail header.from=<dun.tan@intel.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1660109676853126.05147280392714;
 Tue, 9 Aug 2022 22:34:36 -0700 (PDT)
Return-Path: <bounce+27952+92286+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id ltiZYY1788612xsLveThJJlU;
 Tue, 09 Aug 2022 22:34:35 -0700
X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 by mx.groups.io with SMTP id smtpd.web12.2539.1660109672243652742
 for <devel@edk2.groups.io>;
 Tue, 09 Aug 2022 22:34:35 -0700
X-IronPort-AV: E=McAfee;i="6400,9594,10434"; a="291002902"
X-IronPort-AV: E=Sophos;i="5.93,226,1654585200";
   d="scan'208";a="291002902"
X-Received: from orsmga006.jf.intel.com ([10.7.209.51])
  by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 09 Aug 2022 22:34:34 -0700
X-IronPort-AV: E=Sophos;i="5.93,226,1654585200";
   d="scan'208";a="581093829"
X-Received: from duntan-mobl.ccr.corp.intel.com ([10.239.157.47])
  by orsmga006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 09 Aug 2022 22:34:33 -0700
From: "duntan" <dun.tan@intel.com>
To: devel@edk2.groups.io
Cc: Dandan Bi <dandan.bi@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Ray Ni <ray.ni@intel.com>
Subject: [edk2-devel] [Patch V2 1/2] MdeModulePkg/DxeIpl: Remove clearing
 CR0.WP when protecting pagetable
Date: Wed, 10 Aug 2022 13:33:59 +0800
Message-Id: <20220810053400.317-2-dun.tan@intel.com>
In-Reply-To: <20220810053400.317-1-dun.tan@intel.com>
References: <20220810053400.317-1-dun.tan@intel.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,dun.tan@intel.com
X-Gm-Message-State: z47V1SXuCdIfGj3e5EIK2SeGx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1660109675;
 bh=jXyG3t6ezde6dXDwCfpXDvJWsijGhJIksuMTZSVQs6g=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=L9WDqtOs7IKjW1QJoAhCw4ZxyG2y+p+UBMmVNuUneNNSM+YXMyhunohWC/obgZipV9P
 /39KOCX5yGpCfwWxSTCaZQMc+y5PoRdNKQtrhq8FXwBZqPhWnvGuONz7QQ42HT3xCFBZX
 AeZzXinrsux73edBqHDlg+zEffbMuqX0TMs=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1660109677307100005
Content-Type: text/plain; charset="utf-8"

Remove clearing CR0.WP when marking the memory used for page table
as read-only in the page table itself created by DxeIpl. This page
table address is written to Cr3 after these protection steps. Till
this, the memory used for page table is always RW.

Signed-off-by: Dun Tan <dun.tan@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
---
 MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c b/MdeModulePk=
g/Core/DxeIplPeim/X64/VirtualMemory.c
index a451ca1604..18b121d768 100644
--- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
+++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
@@ -626,12 +626,7 @@ EnablePageTableProtection (
   }
=20
   //
-  // Disable write protection, because we need to mark page table to be wr=
ite
-  // protected.
-  //
-  AsmWriteCr0 (AsmReadCr0 () & ~CR0_WP);
-
-  //
+  // No need to clear CR0.WP since PageTableBase has't been written to CR3=
 yet.
   // SetPageTablePoolReadOnly might update mPageTablePool. It's safer to
   // remember original one in advance.
   //
--=20
2.31.1.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#92286): https://edk2.groups.io/g/devel/message/92286
Mute This Topic: https://groups.io/mt/92931315/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
From nobody Sun May  5 19:36:30 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+92287+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+92287+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=intel.com
ARC-Seal: i=1; a=rsa-sha256; t=1660109680; cv=none;
	d=zohomail.com; s=zohoarc;
	b=AZoHn3NX5vg1iN13TpeVpMyYJeGcdAQPY2hdnnYNMq9/oaqhOrFPzAQqfEvjwpuVuPdAUZD8IFmJmCzGXfXqlLEmYCaVFQSm8SDDb8dIquoHLXxLo1Aru+3qQRhJlwCtqBf0nLqruEyW4NNRLSiS37f5bQX7Q2HX+mdFEGWrZPY=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1660109680;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=DdMbDBPeQsSwSZCBQ4TcIBNIyzXaesMW8hVHStsMFHw=;
	b=jYfwOt4qInws5AeyFL5PV/ZXCz/Hau/8tIXuWy3EekSF06fwVEe9EAdVOYWreD5LZsCQk1HypG5IUHASMldTYDcTyVzX0KwPPpzdd5P0DErXBAFhZIhEZ1oQSUiwyJHWljgQcLdzVY7is7aG3EvF3Ts4R4kxKv8dqYW6uf8KakY=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+92287+1787277+3901457@groups.io;
	dmarc=fail header.from=<dun.tan@intel.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1660109680377805.0051472287174;
 Tue, 9 Aug 2022 22:34:40 -0700 (PDT)
Return-Path: <bounce+27952+92287+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id pOsFYY1788612xCpgTfvNOUA;
 Tue, 09 Aug 2022 22:34:39 -0700
X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 by mx.groups.io with SMTP id smtpd.web12.2539.1660109672243652742
 for <devel@edk2.groups.io>;
 Tue, 09 Aug 2022 22:34:38 -0700
X-IronPort-AV: E=McAfee;i="6400,9594,10434"; a="291002920"
X-IronPort-AV: E=Sophos;i="5.93,226,1654585200";
   d="scan'208";a="291002920"
X-Received: from orsmga006.jf.intel.com ([10.7.209.51])
  by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 09 Aug 2022 22:34:38 -0700
X-IronPort-AV: E=Sophos;i="5.93,226,1654585200";
   d="scan'208";a="581093874"
X-Received: from duntan-mobl.ccr.corp.intel.com ([10.239.157.47])
  by orsmga006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 09 Aug 2022 22:34:36 -0700
From: "duntan" <dun.tan@intel.com>
To: devel@edk2.groups.io
Cc: Guo Dong <guo.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Maurice Ma <maurice.ma@intel.com>,
	Benjamin You <benjamin.you@intel.com>,
	Sean Rhodes <sean@starlabs.systems>
Subject: [edk2-devel] [Patch V2 2/2] UefiPayloadPkg: Remove clearing CR0.WP
 when protecting pagetable
Date: Wed, 10 Aug 2022 13:34:00 +0800
Message-Id: <20220810053400.317-3-dun.tan@intel.com>
In-Reply-To: <20220810053400.317-1-dun.tan@intel.com>
References: <20220810053400.317-1-dun.tan@intel.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,dun.tan@intel.com
X-Gm-Message-State: tJSqR3g0IAMJJrSGJiEA7RFbx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1660109679;
 bh=JAAnQAfCRQJxX3baksyJGirdAyPtAQA30zYsEV8g/Qc=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=TccoJQmh1TPwtoAWf4dwTNYG7pvR12vnRuRDJa03e8oRJm3IlI5i4S6Xpym7k5mV72b
 J1/yXz6RrY+Hg1y4+TQ+cXVvsbXl82BXCjrgfVOvFSmvn9hL4OB3REoRHRde2k8WedSbl
 94ly2IXnJnhCBLXwaggbivckqDydAxsizRs=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1660109681379100001
Content-Type: text/plain; charset="utf-8"

Remove clearing CR0.WP when marking the memory used for page table
as read-only in the page table itself created by UefiPayloadEntry.
This page table address is written to Cr3 after these protection
steps. Till this, the memory used for page table is always RW.

Signed-off-by: Dun Tan <dun.tan@intel.com>
Cc: Guo Dong <guo.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Maurice Ma <maurice.ma@intel.com>
Cc: Benjamin You <benjamin.you@intel.com>
Cc: Sean Rhodes <sean@starlabs.systems>
Reviewed-by: Guo Dong <guo.dong@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
---
 UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c b/UefiPayl=
oadPkg/UefiPayloadEntry/X64/VirtualMemory.c
index 74b667a62a..a586941352 100644
--- a/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c
+++ b/UefiPayloadPkg/UefiPayloadEntry/X64/VirtualMemory.c
@@ -622,12 +622,7 @@ EnablePageTableProtection (
   }
=20
   //
-  // Disable write protection, because we need to mark page table to be wr=
ite
-  // protected.
-  //
-  AsmWriteCr0 (AsmReadCr0 () & ~CR0_WP);
-
-  //
+  // No need to clear CR0.WP since PageTableBase has't been written to CR3=
 yet.
   // SetPageTablePoolReadOnly might update mPageTablePool. It's safer to
   // remember original one in advance.
   //
--=20
2.31.1.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#92287): https://edk2.groups.io/g/devel/message/92287
Mute This Topic: https://groups.io/mt/92931316/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-